WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting

The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin before 2.4.1 are vulnerable to cross-site scripting due to a third-party library that improperly handles HTML character escaping. id: CVE-2023-1119 info: name: WP-Optimize WordPress plugin 3.2.13 - Cross-Site...

CVE-2026-1119

creationtimestamp| type| source ---|---|--- 2026-01-18 13:58:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcpbvk34lo2x...

CVE-2026-1119

CVE-2026-1119 affects itsourcecode Society Management System 1.0. The vulnerability is in an unknown function of the file /admin/delete_activity.php, where manipulating the activity_id parameter can trigger a SQL injection. The attack can be launched remotely, and exploits have been published. Se...

MiracleLinux 7 : mod_nss-1.0.14-7.el7 (AXSA:2016-1119:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1119:01 advisory. The modnss module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols using th...

CVE-2022-1119

creationtimestamp| type| source ---|---|--- 2025-12-19 20:18:03+00:00| seen| https://t.me/Dooztoria/22...

Linux Distros Unpatched Vulnerability : CVE-2015-1119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iOS before 8.3, Apple TV before 7.2, and Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, allows remote attackers to...

Linux Distros Unpatched Vulnerability : CVE-2005-1119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files. CVE-2005-1119 Note that Nessus relies on th...

CVE-2019-1119

A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122, CVE-2019-1123, CVE-2019-1124,...

Linux Distros Unpatched Vulnerability : CVE-2010-1119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on...

CVE-2024-1119

CVE-2024-1119 – Order Tip for WooCommerce (WordPress) : Unauthenticated users can export the plugin’s order fees due to a missing authorization check in export_tips_to_csv() across all versions up to 1.3.1. This is a broken access control vulnerability that enables data exposure. A fix is availab...

WordPress Order Tip for WooCommerce Plugin <= 1.3.1 is vulnerable to Broken Access Control

Software Order Tip for WooCommerce Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.4.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1119 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 6f66f4219506 Credits Francesco Carlucci...

WordPress WP-Optimize Plugin < 3.2.13 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wp-optimize:wp-optimize"; ifdescription...

CVE-2023-1119

creationtimestamp| type| source ---|---|--- 2023-07-10 20:23:59+00:00| seen| https://t.me/cibsecurity/66256 2024-12-12 20:42:31+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-1119.yaml 2025-02-19 21:02:35+00:00| seen|...

CVE-2023-1119

The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability...

CVE-2023-1119

The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability...

CVE-2023-1119

The CVE-2023-1119 issue affects WordPress plugins WP-Optimize (before 3.2.13) and SrbTransLatin (before 2.4.1). Affected component is a third-party library that fails to escape certain HTML characters, leading to cross-site scripting (XSS). Public sources describe unauthenticated attacker access ...

CVE-2023-1119 Multiple Plugins - Cross-Site Scripting From Third-party Library

The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability...

CVE-2023-1119 Multiple Plugins - Cross-Site Scripting From Third-party Library

The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability...

WordPress WP-Optimize Plugin < 3.2.13 is vulnerable to Cross Site Scripting (XSS)

Software WP-Optimize Type Plugin Vulnerable versions 3.2.13 Fixed in 3.2.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1119 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 74a58d2a57e4 Credits Paolo Elia Required...

VulnCheck KEV: CVE-2023-1119

The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability...